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DETAILED ACTION 

1. This office action is in response to the amendment filed April 25, 2005. Claims 1-3, 5, 8- 
10, 13-13, and 25-27 are presented for examination. 

2. The text of those sections of Title 35, U.S. code not included in this office action can be 
found in a prior office action. 

Claim Rejections - 35 USC §103 

3. Claims 1-3, 5, 8-10, 13-20, 21-23, and 25-27 are rejected under 35 U.S^C. 103(a) as 
being unpatentable over Kempf et al. (USPN 5,359,721) (hereinafter Kempf) in view of Chu 
(USPN 6,256,657) (hereinafter Cannavino) in view of Chu (USPN 6,256,657). 

4. As per claims 1-3 and 5, Kempf teaches the invention as claimed, including a method, 
comprising the steps of loading a code module into a memory space of a first domain, the code 
module including an instruction having a symbol reference (col. 6 line 60 - col. 7 line 22); 

determining if the symbol reference is to an external location outside of the memory 
space (col. 9 lines 3.-13); 

generating a link stub for the symbol reference when the symbol reference is to an 
external location to access the external location (col. 9 lines 14-25), wherein the link stub is a 
jump instruction to the external location (col. 9 lines 14-25) that is part of a linking table entry 
corresponding to the symbol reference (col. 7 lines 23-44); and 

redirecting the instruction to the hnk stub (col. 9 Unes 14-25), 
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5. Cannavino teaches the invention as claimed, including determining if the external 
location is within a second domain that is within a protection view of the first domain (col. 1 5 
line 62 - col. 16 line 3); 

requesting attachment of the second domain to the first domain when the second domain 
is determined not to be within the protection view of the first domain (col. 16 lines 5-10); 

determining whether the attachment request is permitted based on authorization 
information provided by the fu"st domain (col. 16 hnes 10-15); and 

attaching the second domain to the first domain using an attachment mechanism (col. 13 
line 60 - col. 14 line 7), wherein attachment to the second domain is not permitted when the 
attachment request is not permitted (col. 16 lines 10-15). 

6. Chu teaches the invention as claimed, wherein the first domain owns one of a kernel 
space and a portion of a user space and the second domain owns the other one of the kernel space 
and a portion of the user space (col. 6 lines 21-26, 56-61; col. 7 lines 54-57). 

7. There are numerous advantageous features taught by Cannavino for allowing cross- 
address space calls that are deficient in Kempf While Kempf allows dynamically linking across 
address spaces, Kempf fails to account for several potential irregularities including exception 
handling for unauthorized accesses and attachment of separate address spaces. It is noted that 
neither Kempf nor Cannavino use the claimed language of a "protection view". It is Examiner's 
understanding that the claimed protection view acts as a set of domains to which an object in a 
particular domain may access. Cannavino shows this feature through the use of address space 
tables that indicate what address spaces access is authorized. Cannavino shows numerous other 
claimed features and the combination thereof with Kempf would have been obvious since it 
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would allow cross domain memory protection while also limiting the restrictions on calls that a 
program can make. 

Furthermore, by this amendment, Applicant seeks to clarify the claimed invention over 
the combination of Kempf and Cannavino by requiring the first and second domains to own 
opposing domains corresponding to a kernel space and a user space. Chu demonstrates that this 
is a well-known organization principle for protection domains and that conventional virtual 
memory address remapping supports the attachment of a kernel space domain into a user space 
domain, as claimed. It would have been obvious to one of ordinary skill in the art to consider 
Chu in combination with Kempf and Cannavino, as cross-domain address linking has limited 
fianctionality if only user application spaces are permitted to link to each other. When a user 
application needs to make a system call, e.g. an input/output operation, there is still a great deal 
of overhead incurred by invoking a supervisor or, for example, requiring a virtual machine to 
perform an expensive trap operation. Allowing cross-Unking of user and kernel spaces would 
allow such operations to occur in a much faster fashion, increasing the processing speed of the 
computer while maintaining security. 

8. As per claims 8-10 and 13-14, Kempf teaches the invention as claimed, including a 
method, comprising creating a task in a fu'st domain, the task executing a number of instructions 
(col. 6 hne 60 - col. 7 line 22); 

executing a first jump instruction in the number of instructions that refers to a link stub 
corresponding to an external location in a second domain (col 9 lines 14-25), wherein the link 
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stub includes a second jump instaiction to the external location (col. 9 lines 14-25) and is part of 
linking table entry corresponding to the external location (col. 7 lines 23-44); and 
executing the link stub (col. 9 lines 14-25). 

9. Cannavino teaches the invention as claimed, including comparing the external location to 
a task protection view (col. 15 line 62 - col 16 line 3); 

generating a processing exception when the external location is outside the task 
protection view (col. 16 lines 30-40); and 

executing an exception handling routine in response to the generation of the processing 
exception, the exception handling routine including saving a pre-exception setting of the task 
protection view on a task protection switch stack (col. 16 lines 45-54); 

altering the task protection view to include a protection view of the second domain (col. 
16 line 57 -col. 17 line 5); 

jumping to the external location (col. 17 lines 5-1 1); 

retrieving the pre-exception setting of the task protection view (col. 16 lines 48-50); 

restoring the task protection view using the pre-exception setting of the task protection 
view (col 17 lines 36-42); and 

returning to a subsequent instruction to the first jump instruction in the number of 
instructions (col. 17 lines 43-56). 

10. Chu teaches the invention as claimed, wherein the first domain owns one of a kernel 
space and a portion of a user space and the second domain owns the other one of the kernel space 
and a portion of the user space (col. 6 lines 21-26, 56-61; col. 7 lines 54-57). 
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11. As per claims 15-20, Kempf teaches the invention as claimed, including a computer 
system, comprising: 

a system space having a number of memory locations (col. 6 Hne 60 - col. 7 line 9); 

a number of protection domains, at least one of the number of protection domains owning 
a portion of the system space (col. 6 line 60 - col. 7 line 9), wherein the at least one of the 
number of protection domains is a system protection domain that includes at least one code 
module including executable code for operating system services (col. 5 lines 36-54) and at least 
one system object owned by the system protection domain (col. 5 lines 36-54), and the at least 
one of the number of protection domains includes at least one of 

a code module (col. 6 line 60 - col. 7 line 9); 

a link stub (col. 9 lines 14-25) that is part of a linking table entry in a linking table (col. 7 
lines 23-44); and 

an entry point represented in a symbol table (col. 9 lines 14-25). 

12. Cannavino teaches the invention as claimed, wherein each of the number of protection 
domains includes a protection view defining a set of the number of protection domains to which 
unprotected access may be made (col. 16 lines 10-15); and 

the system protection domain includes a protection domain list that includes entries for 
each of the number of protection domains (col. 15 line 62 - col. 16 line 3). 

13. Chu teaches the invention as claimed, wherein the first domain owns one of a kernel 
space and a portion of a user space and the second domain owns the other one of the kernel space 
and a portion of the user space (col. 6 lines 21-26, 56-61; col. 7 lines 54-57). 
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14. As per claims 21-23, Kempf teaches the invention as claimed, wherein at least one of the 
number of protection domains is a first protection domain that includes at least one code module 
including executable code for a first set of functions (col. 6 line 60 - col 7 line 9); 

a number of link stubs (col. 9 lines 14-25); 

wherein at least one of the link stubs corresponds to a symbol referenced in the 
executable code for the first set of functions (col. 6 line 60 - col. 7 line 22), and such at least one 
link stub includes executable code to direct execution to the executable code for operating 
system services (coL 9 lines 14-25); 

wherein the number of protection domains includes a second protection domain that 
includes at least one code module including executable code for a second set of functions (col. 9 
lines 14-25); 

a number of entry points (col. 9 lines 14-25); 

wherein each of the entry points corresponds to a symbol in the executable code for the 
second set of functions (col 9 lines 14-25); and 

wherein one of the link stubs of the first protection domain corresponds to one of the 
number of entry points in the second protection domain, and such link stub includes executable 
code to direct execution to the one of the number of entry points in the second protection domain 
(col 9 lines 14-25). 

15, As per claims 25-27, Cannavino teaches the invention as claimed, wherein the protection 
view sets a contiguous memory range of allowable memory accesses (col 6 line 59 - col. 7 line 
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12), and wherein a memory fault is generated when memory access is attempted outside of the 
memory range (col. 16 lines 45-54); and 

an exception handling routine that is executed on the occurrence of the memory fault, the 
exception handling routine including a protection switch mechanism (col. 16 lines 30-54) 

Response to Arguments 

16. Applicant's arguments with respect to claims 1-3, 5, 8-10, 13-13, and 25-27 have 
been considered but are moot in view of the new grounds of rejection. 

Conclusion 

17, Applicant's amendment necessitated the new grounds of rejection presented in this Office 
action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706, 07(a). Applicant is 
reminded of the extension of time policy as set forth in 37 CFR 1. 136(a), 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 
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Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Syed J. Ali whose telephone number is (571) 272-3769. The 
examiner can normally be reached on Mon-Fri 8-5:30, 2nd Friday off. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Meng-Ai T. An can be reached on (571) 272-3756. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 





Syed Ali 
August 22, 2005 



TECHNOLOGY CEE^JTER 21 On 



